Privacy protection authentication method based on wireless body area network

ABSTRACT

A privacy protection authentication method based on a wireless body area network may be applied to a smart home care system. The method provides an authentication method for two-way authentication and key verification between a device and a cloud server, can ensure identities of the device and the cloud server to be valid and prevent network information security from being affected by external invasion attacks. A physical unclonable function and an elliptic curve cryptography algorithm are introduced to encrypt key data in the authentication process, so that the whole authentication process is in a safe environment, and the security of the authentication process is further improved through adding and removing functions of a third-party identity. The privacy protection authentication protocol method can resist replay attacks and smart card impersonation attacks, the whole authentication process is safe and efficient, and has a high application value in smart home care scenes.

TECHNICAL FIELD

The invention relates to the field of information security technologies, in particularly to a privacy protection authentication method based on a wireless body area network (WBAN).

BACKGROUND

Data transmission in wireless body area networks can submit data captured by smart sensor devices to cloud-based server platforms in real time, and ultimately to medical professionals, which can realize real-time healthcare monitoring, emergency healthcare response systems, smart home care systems, etc., to help patients enjoy high-quality healthcare services.

In order to improve the security of system, participating entities in a system need an authenticated session key agreement, however, when a sensor device transmits private health data to a cloud-based server platform, it needs to pass through a public channel, which requires that the security of the data must be considered in the process of information transmission.

Because of mobility and openness of wireless body area networks, one of hot issues in the research field is how to protect sensitive data of patients.

The dependence on wireless technology brings many security challenges to existing protocol schemes, such as replay attacks and smart card theft attacks to obtain information of patients.

The patent document of Chinese patent application publication No. CN104901809A discloses a remote authentication protocol method based on password and smart card. The method employs an optimized elliptical curve algorithm, and a counting set and authentication codes are embedded. The password can be modified, and a lost smart card can be canceled. However, the protocol has no extra protection for verification parameters, and the parameters may be intercepted in the public channel, and thus the security is not high.

The patent document of Chinese patent application publication No. CN111294352A discloses a data security authentication method between a cloud and an edge node. An elliptic curve cryptographic algorithm is introduced to encrypt key data in an authentication process. An algorithm key size, system parameters and a storage space are relatively small, and thus the method is suitable for an authentication environment of edge computing nodes with limited computing resources and storage resources. However, the method does not optimize the algorithm, and does not consider the problem of replay attacks, making the security is not high.

The academic document entitled “A provably secure and lightweight patient-healthcare authentication protocol in wireless body area networks” proposed by Bander A. Alzahrani et al. in “Wireless Personal Communications” on Mar. 29, 2020 discloses an authenticated patient-healthcare monitoring protocol is proposed, which uses untraceable temporal credentials for wireless sensor networks (WSNs) to complete mutual authentication through two-factor authenticated key agreement protocol, but it is vulnerable to threats of session-specific temporary information attacks and replay attacks.

SUMMARY

In view of the problems in the related art, a purpose of the invention is to provide a privacy protection authentication method based on wireless body area networks. The method may be applied to an intelligent home care system, and encrypts key data in an authentication process by employing the Deffie-Hellman key exchange and introducing a physical unclonable function (PUF) and an elliptic curve cryptographic algorithm, to resist replay attacks, smart card theft attacks, sensor capture attacks and other issues, thereby improving the security of information transmission.

Specifically, a privacy protection authentication method based on a wireless body area network, may be applied to an intelligent home care system and may include:

S1, initializing a cloud server HN;

S2, submitting a registration request in a secure channel to a super administrator SA by a user through a device, and returning registration information to the device through the secure channel by the super administrator after computational processing;

S3, submitting an authentication request to the cloud server HN, accessing the registration information from a memory and sending the registration information after being added with verification parameters to the cloud server HN, by the user through the device;

S4, determining a session key K_(SH) for the device and the cloud server HN, after the device and the cloud server HN both complete authentications; and

S5, updating the registration information in the memory.

In a preferred embodiment, the initializing a cloud server HN specifically includes: selecting a function of an elliptic curve E_(p) and a base point P on the elliptic curve E_(p) by the super administrator SA, then determining a long-term key K_(CHN) and secretly storing the long-term key K_(CHN) in the cloud server HN by the super administrator SA, calculating a public key Q=K_(CHN)·P of the cloud server HN through the function of the elliptic curve E_(p), and making parameters except the long-term key K_(CHN) public.

In a preferred embodiment, the device and the cloud server HN transmit information EMS through a wireless public channel, the information EMS is relayed through a router AP, the router AP is responsible for relaying and forwarding the information EMS, and an identity id_(p) of the router AP is added to or removed from the relayed information EMS.

In a preferred embodiment, the S2 specifically includes:

S2.1, transmitting information with the super administrator SA through the secure channel by the user after installing a healthcare monitoring device;

S2.2, sending the registration request to the super administrator SA through the secure channel by the user;

S2.3, generating current time stamp T_(j) and storing the current time stamp T_(j) in the cloud server HN, by the super administrator SA after receiving the registration request; setting an identity id_(j) and a random integer a_(j) for a sensor node SN of the healthcare monitoring device by the super administrator SA, calculating public values x_(j) and y_(j) between the cloud server HN and the sensor node SN of the healthcare monitoring device and a secret value MN_(j) between the cloud server HN and the sensor node SN of the healthcare monitoring device, and sending the registration information to the sensor node SN of the healthcare monitoring device through the secure channel;

S2.4, storing the registration information {id_(j), x_(j), y_(j), MN_(j)} to the memory by the sensor node SN of the healthcare monitoring device after receiving the registration information;

S2.5, setting an identity id_(p) for a router AP by the super administrator SA, and storing the identity id_(p) in both the router AP and the cloud server HN; and

S2.6, generating a device challenge value Cha_(j) based on a physical unclonable function (PUF), calculating a response value Res_(j), calculating a secret value ST_(j) of the sensor node SN and storing Cha_(j), Res_(j), ST_(j) in the memory, by the sensor node SN of the healthcare monitoring device.

In a preferred embodiment, the authentications in the S4 are based on mutual authentication and key verification between a sensor node SN of a healthcare monitoring device and the cloud server HN.

In a preferred embodiment, specific steps of the mutual authentication and key verification include:

S4.1, generating current time stamp T₁, obtaining an identity verification parameter Vid_(j) through encrypted computation and sending information EMS₁ to a router AP, by the sensor node SN of the healthcare monitoring device;

S4.2, adding, by the router AP after receiving the information EMS₁, an identity id_(p) into the information EMS₁ to obtain information EMS₂, and sending the information EMS₂ carrying the identity id_(p) of the router AP to the cloud server HN by the router AP;

S4.3, generating current time stamp T₂ and judging the time stamp T₁ and the identity id_(p) in the information EMS₂ by the cloud server HN; when any one of the time stamp T₁ and the identity id_(p) is judged to be invalid, terminating a first authentication; when the time stamp T₁ and the identity id_(p) both are judged to be valid, acquiring by the cloud server HN a time stamp T_(j) and a long-term key K_(CHN) from a database, performing computation on the time stamp T_(j) and the long-term key K_(CHN) together with parameters in the information EMS₂ to obtain an identity comparison verification parameter Vid_(j)* and comparing the identity comparison verification parameter Vid_(j)* with the identity verification parameter Vid_(j) in the information EMS₂ to obtain a comparison result, terminating the first authentication when the comparison result indicates they are not equal, the first authentication being successful when the comparison result indicates they are equal;

S4.4, generating a session key K_(SH) by the cloud server HN after the first authentication is successful, and sending information EMS₃ to the router AP after obtaining an identity verification parameter Δ through computation;

S4.5, removing the identity id_(p) by the router AP after receiving the information EMS₃ to obtain information EMS₄, and then sending the information EMS₄ to the sensor node SN of the healthcare monitoring device;

S4.6, generating current time stamp T₃ and judging a time stamp T₂ in the information EMS₄ by the sensor node SN of the healthcare monitoring device; when the time stamp T₂ is judged to be invalid, terminating a second authentication; when the time stamp T₂ is judged to be valid, obtaining an identity id_(j) from the sensor node SN by the sensor node SN of the healthcare monitoring device, performing computation on the identity id_(j) together with parameters in the information EMS₄ to obtain an identity comparison verification parameter Δ* and comparing the identity comparison verification parameter Δ* with the identity verification parameter Δ in the information EMS₄ to obtain a second comparison result, terminating the second authentication when the second comparison result indicates they are not equal, the second authentication being successful when the second comparison result indicates they are equal; and

S4.7, after the second authentication is successful, acquiring the session key K_(SH) from the information EMS₄ by the sensor node SN of the healthcare monitoring device, and updating the registration information in the memory.

In a preferred embodiment, a method of time stamp judgement is |T_(n)−T_(n+1)|≤ΔT, where T_(n) represents a time stamp contained in information sent from a previous stage, T_(p+1) represents current time stamp obtained by a device when receiving the information sent from the previous stage, and ΔT represents a preset maximum delay time allowed in a communication process; when a time difference between T_(n) and T_(n+1) is greater than the threshold ΔT, an authentication is terminated, and whereas when the time difference is less than the threshold ΔT, going to a next step.

In a preferred embodiment, the S4.1 specifically includes: generating, by the sensor node SN of the healthcare monitoring device, a random number and the current time stamp T₁, calculating two verification parameters S₁=b_(j)·P and S₂=b_(j)·Q through a function of an elliptic curve E_(p), calculating the identity verification parameter Vid_(j)=h(id_(j)∥x_(j)∥y_(j)∥S₁∥S₂∥h(S₂, MH_(j))∥T_(j)∥T₁), and adding {x_(j), y_(j), Vid_(j), S₁, T₁, T_(j)} into the information EMS₁, where x_(j) and y_(j) are acquired from the memory;

the S4.3 specifically includes: when the time stamp T₁ and the identity id_(p) both are judged to be valid, calculating a_(j)=x_(j)⊕h(K_(HN), T_(j)), id_(j)*=x_(j)⊕h(K_(HN), a_(j), T_(j)) by the cloud server HN based on content of the information EMS₂, calculating S₂*=K_(HN)·S₁ through the function of the elliptic curve E_(p), and then obtaining the identity comparison verification parameter Vid_(j)*=h(id_(k)*∥x_(j)∥y_(j)∥S₁∥S₂*∥h(S₂*, h(id_(j)*, K_(HN)))∥T_(j)∥T₁) through computation;

the S4.4 specifically includes: generating two random numbers a_(i) and b_(i) by the cloud server HN, calculating two verification parameters S₃=b_(i)·P and S₄=b_(i)·S₁ through the function of the elliptic curve E_(p), updating x_(j) ^(new)=a_(i)⊕h(K_(CHN)∥T₂) and y_(j) ^(new)=id_(j)*⊕h(K_(CHN)∥a_(i)∥T₂), calculating transfer values μ=x_(j) ^(new)⊕h(S₂*∥h(id_(j)*∥h(id_(j)*∥K_(CHN))∥T₂) and λ=y_(j) ^(new)⊕h(T₂∥S₂*∥h(id_(j)*∥K_(CHN))), calculating the session key K_(SH), calculating the identity verification parameter Δ=h(x_(j) ^(new)∥y_(j) ^(new)∥K_(SH)∥T₂), and adding {μ, λ, Δ, S₃, T₂, id_(p)} into the information EMS₃, whereμ is configured to encrypt the x_(j) ^(new), and λ is configured to encrypt the y_(j) ^(new);

the S4.6 specifically includes: when the time stamp T₂ is judged to be valid, calculating S₄*=b_(j)·S₃ through the function of the elliptic curve E_(p) by the sensor node SN of the healthcare monitoring device, calculating updated x_(j) ^(new)*=μ⊕h(S₃∥MH_(j)∥T₂) and updated y_(j) ^(new)*=λ⊕h(T₂∥S₂∥MH_(j)), calculating a session key K_(SH)* based on content of the information EMS₄, and calculating the identity comparison verification parameter Δ*=h(x_(j) ^(new)*∥y_(j) ^(new)*∥K_(SH)*∥T₂);

identity verification parameter comparison is comparing an identity verification parameter carried by information EMS sent from a previous stage with an identity comparison verification parameter obtained by each of the sensor node SN of the health monitoring device and the cloud server HN based on existing parameters, the identity verification parameter carried by information EMS sent from a previous stage is one of Vid_(j)=h(id_(j)∥x_(j)∥y_(j)∥S₁∥S₂∥h(S₂, MH_(j))∥T_(j)∥T₁) of the sensor node SN of the healthcare monitoring device and Δ=h(x_(j) ^(new)∥y_(j) ^(new)∥K_(SH)∥T₂) of the cloud server HN, the identity comparison verification parameter obtained by each of the sensor node SN of the health monitoring device and the cloud server HN based on existing parameters is one of Vid_(j)*=h(id_(j)*∥x_(j)∥y_(j)∥S₁∥S₂*∥h(S₂*, h(id_(j)*, K_(HN)))∥T_(j)∥T₁) of the cloud server HN and Δ*=h(x_(j) ^(new)*∥y_(j) ^(new)*∥K_(SH)*∥T₂) of the sensor node SN of the healthcare monitoring device.

In a preferred embodiment, the updating the registration information specifically includes: after the device and the cloud server HN complete mutual authentication and key verification, acquiring, by the device, parameters from information EMS₄ sent by the cloud server HN, calculating x_(j) ^(new)*=μ⊕h(S₃∥MH_(j)∥T₂) and y_(j) ^(new)*=λ⊕h(T₂∥S₂∥MH_(j)), using x_(j) ^(new)* to replace x_(j) of the registration information in the memory, and using y_(j) ^(new)* to replace y_(j) of the registration information in the memory.

The above parameters with the symbol “*” are information may be stolen or impersonated by the third party in the authentication processes.

Compared with the related art, the embodiments of the invention may achieve beneficial effects as follows.

The key data in the authentication processes are encrypted by using Deffie-Hellman key exchange and introducing a physical unclonable function and an elliptic curve cryptographic algorithm, the registration information are encrypted by introducing a time stamp T in the registration process, and moreover, the time stamp T is updated in time after the authentications are completed, so that the registration information is difficult to be stolen, and the threats of replay attacks and smart card impersonation attacks are solved.

In addition, by setting the third-party router AP as a relay station between the sensor node SN and the server HN, the function of adding and removing the independent identity id_(p) is provided in the information transmission process, and thus the privacy of the transmission process is improved.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a schematic flowchart of a privacy protection authentication method based on wireless body area networks according to an embodiment of the invention.

FIG. 2 illustrates a schematic flowchart associated with mutual authentication and key verification between a sensor node SN of a healthcare monitoring device and a cloud server HN according to an embodiment of the invention.

DETAILED DESCRIPTION OF EMBODIMENTS

Embodiments of the invention will be described in detail below in conjunction with the accompanying drawings.

As illustrated in FIG. 1 , a privacy protection authentication method based on a wireless body area network (WBAN) is provided. The privacy protection authentication method may be applied to a smart home care system (also referred to as smart elderly care system) and may include steps S1˜S5 as follows.

S1, initializing a cloud server HN. Herein, HN is the abbreviation of “Hub Node” and thus “cloud server HN” may also be referred to as “cloud server hub node”.

S2, submitting a registration request in a secure channel to a super administrator SA by a user through a device, returning registration information to the device of the user through the secure channel by the super administrator SA after computational processing, and storing the registration information in a memory.

S3, submitting an authentication request to the cloud server HN, accessing the registration information from the memory and sending the registration information after being added with verification parameters to the cloud server HN, by the user through the device.

S4, performing authentications by both the device and the cloud server HN, thereby determining a session key K_(SH) for the device and the cloud server HN.

S5, updating the registration information in the memory.

The initializing a cloud server HN may include: selecting a function of an elliptic curve E_(p) and a base point P on the elliptic curve E_(p) by the super administrator SA, then determining a long-term key K_(CHN) and secretly storing the long-term key K_(CHN) in the cloud server HN by the super administrator SA, calculating a public key Q=K_(CHN)·P of the cloud server HN through the function of the elliptic curve E_(p), and making above parameters except the long-term key K_(CHN) public.

In some embodiments, the S2 specifically includes S2.1˜S2.6 as follows.

S2.1, transmitting information with the cloud server HN through a router AP by the user after installing a healthcare monitoring device. Herein, AP is the abbreviation of “Access Point”.

S2.2, sending the registration request to the super administrator SA through the secure channel by the user.

S2.3, generating current time stamp T_(j) and storing the current time stamp T_(j) in the cloud server HN, by the super administrator SA after receiving the registration request; setting an identity id_(j) and a random integer a_(j) for a sensor node SN of the healthcare monitoring device by the super administrator SA, calculating x_(j)=a_(j)⊕h(K_(CHN), T_(j)) used for hiding the random integer a_(j), calculating y_(j)=id_(j)⊕h(K_(CHN), a_(j), T_(j)) used for hiding the identity id_(j), calculating a secret value MN_(j)=h(id_(j), K_(CHN)) between the cloud server HN and the sensor node SN of the healthcare monitoring device, and sending the registration information to the sensor node SN of the healthcare monitoring device through the router AP.

S2.4, storing the registration information {id_(j), x_(j), y_(j), MN_(J)} into the memory by the sensor node SN of the healthcare monitoring device after receiving the registration information.

S2.5, setting an identity id_(p) for the router AP by the super administrator SA, and storing the identity id_(p) in both the router AP and the cloud server HN.

S2.6, generating a device challenge value Cha_(j) based on a physical unclonable function (PUF), calculating a response value Res_(j), calculating a secret value ST_(j) of the sensor node SN and storing Cha_(j), Res_(j), ST_(j) in the memory, by the sensor node SN of the healthcare monitoring device.

As illustrated in FIG. 2 , a schematic flowchart associated with mutual authentication (also referred to as two-way authentication) and key verification between the sensor node SN of the healthcare monitoring device and the cloud server HN is shown. Specific steps S4.1˜S4.7 are carried out as follows.

S4.1, generating a random number b_(j) and current time stamp T₁ by the sensor node SN of the healthcare monitoring device, calculating two verification parameters S₁=b_(j)·P and S₂=b_(j)·Q through the function of the elliptic curve E_(p), calculating an identity verification parameter Vid_(j)=h(id_(j)∥x_(j)∥y_(j)∥S₁∥S₂∥h(S₂, MH_(j))∥T_(j)∥T₁), and sending EMS₁ {x_(j), y_(j), Vid_(j), S₁, T₁, T_(j)} to the router AP.

S4.2, adding, by the router AP after receiving the information EMS₁, the identity id_(p) into the information EMS, to obtain information EMS₂{x_(j), y_(j), Vid_(j), S₁, T₁, T_(j), id_(p)}, and sending the information EMS₂ carrying the identity id_(p) to the cloud server HN by the router AP.

S4.3, generating current time stamp T₂ and judging the time stamp T₁ and the identity id_(p) in the information EMS₂ by the cloud server HN after receiving the information EMS₂; when any one of the time stamp T₁ and the identity id_(p) is judged to be invalid, terminating the authentication;

Whereas, when both of them are passed, i.e., the time stamp T₁ and the identity id_(p) both are judged to be valid, acquiring by the cloud server HN the time stamp T_(j) and the long-term key K_(CHN) from a database, calculating a_(j)=x_(j)⊕h(K_(HN), T_(j)), id_(j)*=x_(j)⊕h(K_(HN), a_(j), T_(j)) by the cloud server HN based on content of the information EMS₂, calculating S₂*=K_(HN)·S₁ through the function of the elliptic curve E_(p), and then calculating an identity comparison verification parameter Vid_(j)*=h(id_(j)*∥x_(j)∥y_(j)∥S₁∥S₂∥h(S₂*, K_(HN)))∥T_(j)∥T₁), and comparing the identity comparison verification parameter Vid_(j)* with the identity verification parameter Vid_(j) in the information EMS₂; terminating the authentication when the comparison result indicates they are not equal, or the authentication being successful when the comparison result indicates they are equal.

S4.4, generating two random numbers a_(i) and b_(i) by the cloud server HN after successfully authenticating the sensor node SN, calculating two verification parameters S₃=b_(i)·P and S₄=b_(i)·S₁ through the function of the elliptic curve E_(p), updating x_(j) ^(new)=a_(i)⊕h(K_(CHN)∥T₂) and y_(k) ^(new)=id_(j)*⊕h(K_(CHN)∥a_(i)∥T₂), calculating transfer values μ=x_(j) ^(new)⊕h(S₂*∥h(id_(j)*∥K_(CHN))∥T₂), λ=y_(j) ^(new)⊕h(T₂∥S₂∥h(id_(j)*∥K_(CHN))) and a session key K_(SH)=h(S₁, S₂, S₃, S₄, id_(j)*, T₂), calculating an identity verification parameter Δ=h(x_(k) ^(new)∥y_(j) ^(new)∥K_(SH)∥T₂), and sending EMS₃{μ, λ, Δ, S₃, T₂, id_(p)} to the router AP. Herein, μ is configured (i.e., structured and arranged) to encrypt the x_(j) ^(new), and λ is configured to encrypt the y_(j) ^(new).

S4.5, removing the identity id_(p) by the router AP after receiving the information EMS₃ to obtain information EMS₄{μ, λ, Δ, S₃, T₂}, and then sending the information EMS₄{μ, λ, Δ, S₃, T₂} to the sensor node SN of the healthcare monitoring device.

S4.6, judging the time stamp T₂ in the information EMS₄ by the sensor node SN of the healthcare monitoring device after receiving the information EMS₄, and when the time stamp T₂ is judged to be invalid, terminating the authentication;

Whereas, when it is passed (i.e., the time stamp T₂ is judged to be valid), calculating S₄*=b_(j)·S₃ through the function of the elliptic curve E_(p) by the sensor node SN of the healthcare monitoring device, calculating updated x_(j) ^(new)*=μ⊕h(S₃∥MH_(j)∥T₂) and updated y_(j) ^(new)*=λ⊕h(T₂∥S₂∥MH_(j)), calculating K_(SH)*=h(S₁∥S₂∥S₃∥S₄*∥id_(j)∥T₂) based on content of the information EMS₄, calculating an identity comparison verification parameter Δ*=h(x_(j) ^(new)*∥y_(j) ^(new)*∥K_(SH)∥T₂), and comparing the identity comparison verification parameter Δ* with the identity verification parameter Δ in the information EMS₄; terminating the authentication when the comparison result indicates they are not equal, or the authentication being successful when the comparison result indicates they are equal.

S4.7, after the authentication is passed (i.e., the sensor node SN successfully authenticates the cloud server HN), acquiring the session key K_(SH)*=h(S₁∥S₂∥S₃∥S₄*∥id_(j)∥T₂) from the information EMS₄ by the sensor node SN of the healthcare monitoring device, using x_(j) ^(new)* to replace x_(j) of the registration information in the memory, and using y_(j) ^(new)* to replace y_(j) of the registration information in the memory.

A method for time stamp judgement may be that ∥T_(n)−T_(n+1)∥≤ΔT, where T_(n) is the time stamp contained in the information sent from a previous stage, T_(n+1) is the current time stamp obtained by a device when receiving the information, and ΔT is a preset maximum delay time allowed in a communication process. When the time difference between T_(n) and T_(n+1) is greater than the threshold ΔT, the authentication is terminated, and whereas when the time difference is less than the threshold ΔT, going to the next step.

The above parameters with the symbol “*” are information may be stolen or impersonated by the third party in the authentication processes. 

What is claimed is:
 1. A privacy protection authentication method based on a wireless body area network, comprising: S1, initializing a cloud server HN; S2, submitting a registration request in a secure channel to a super administrator SA by a user through a device, and returning registration information to the device through the secure channel by the super administrator after computational processing; S3, submitting an authentication request to the cloud server HN, accessing the registration information from a memory and sending the registration information after being added with verification parameters to the cloud server HN, by the user through the device; S4, determining a session key K_(SH) for the device and the cloud server HN, after the device and the cloud server HN both complete authentications; and S5, updating the registration information in the memory; wherein the device and the cloud server HN transmit information EMS through a wireless public channel, the information EMS is relayed through a router AP, the router AP is responsible for relaying and forwarding the information EMS, and an identity id_(p) of the router AP is added to or removed from the relayed information EMS; and wherein the S2 specifically comprises: S2.1, transmitting information with the super administrator SA through the secure channel by the user after installing a healthcare monitoring device; S2.2, sending the registration request to the super administrator SA through the secure channel by the user; S2.3, generating current time stamp T_(j) and storing the current time stamp T_(j) in the cloud server HN, by the super administrator SA after receiving the registration request; setting an identity id_(j) and a random integer a_(j) for a sensor node SN of the healthcare monitoring device by the super administrator SA, calculating public values x_(j) and y_(j) between the cloud server HN and the sensor node SN of the healthcare monitoring device and a secret value MN_(j) between the cloud server HN and the sensor node SN of the healthcare monitoring device, and sending the registration information to the sensor node SN of the healthcare monitoring device through the secure channel; S2.4, storing the registration information {id_(j), x_(j), y_(j), MN_(j)} to the memory by the sensor node SN of the healthcare monitoring device after receiving the registration information; S2.5, setting an identity id_(p) for a router AP by the super administrator SA, and storing the identity id_(p) in both the router AP and the cloud server HN; and S2.6, generating a device challenge value Cha_(j) based on a physical unclonable function (PUF), calculating a response value Res_(j), calculating a secret value ST_(j) of the sensor node SN and storing Cha_(j), Res_(j), ST_(j) in the memory, by the sensor node SN of the healthcare monitoring device.
 2. The privacy protection authentication method as claimed in claim 1, wherein the initializing a cloud server HN specifically comprises: selecting a function of an elliptic curve E_(p) and a base point P on the elliptic curve E_(p) by the super administrator SA, then determining a long-term key K_(CHN) and secretly storing the long-term key K_(CHN) in the cloud server HN by the super administrator SA, calculating a public key Q=K_(CHN)·P of the cloud server HN through the function of the elliptic curve E_(p), and making parameters except the long-term key K_(CHN) public.
 3. The privacy protection authentication method as claimed in claim 1, wherein the authentications in the S4 are based on mutual authentication and key verification between a sensor node SN of a healthcare monitoring device and the cloud server HN.
 4. The privacy protection authentication method as claimed in claim 3, wherein specific steps of the mutual authentication and key verification comprise: S4.1, generating current time stamp T₁, obtaining an identity verification parameter Vid_(j) through encrypted computation and sending information EMS₁ to a router AP, by the sensor node SN of the healthcare monitoring device; S4.2, adding, by the router AP after receiving the information EMS₁, an identity id_(p) into the information EMS₁ to obtain information EMS₂, and sending the information EMS₂ carrying the identity id_(p) of the router AP to the cloud server HN by the router AP; S4.3, generating current time stamp T₂ and judging the time stamp T₁ and the identity id_(p) in the information EMS₂ by the cloud server HN; when any one of the time stamp T₁ and the identity id_(p) is judged to be invalid, terminating a first authentication; when the time stamp T₁ and the identity id_(p) both are judged to be valid, acquiring by the cloud server HN a time stamp T_(j) and a long-term key K_(CHN) from a database, performing computation on the time stamp T_(j) and the long-term key K_(CHN) together with parameters in the information EMS₂ to obtain an identity comparison verification parameter Vid_(j)* and comparing the identity comparison verification parameter Vid_(j)* with the identity verification parameter Vid_(j) in the information EMS₂ to obtain a comparison result, terminating the first authentication when the comparison result indicates they are not equal, the first authentication being successful when the comparison result indicates they are equal; S4.4, generating a session key K_(SH) by the cloud server HN after the first authentication is successful, and sending information EMS₃ to the router AP after obtaining an identity verification parameter Δ through computation; S4.5, removing the identity id_(p) by the router AP after receiving the information EMS₃ to obtain information EMS₄, and then sending the information EMS₄ to the sensor node SN of the healthcare monitoring device; S4.6, generating current time stamp T₃ and judging a time stamp T₂ in the information EMS₄ by the sensor node SN of the healthcare monitoring device; when the time stamp T₂ is judged to be invalid, terminating a second authentication; when the time stamp T₂ is judged to be valid, obtaining an identity id_(j) from the sensor node SN by the sensor node SN of the healthcare monitoring device, performing computation on the identity id_(j) together with parameters in the information EMS₄ to obtain an identity comparison verification parameter Δ* and comparing the identity comparison verification parameter Δ* with the identity verification parameter Δ in the information EMS₄ to obtain a second comparison result, terminating the second authentication when the second comparison result indicates they are not equal, the second authentication being successful when the second comparison result indicates they are equal; and S4.7, after the second authentication is successful, acquiring the session key K_(SH) from the information EMS₄ by the sensor node SN of the healthcare monitoring device, and updating the registration information in the memory.
 5. The privacy protection authentication method as claimed in claim 4, wherein a method of time stamp judgement is |T_(n)−T_(n+1)|≤ΔT, where T_(n) represents a time stamp contained in information sent from a previous stage, T_(n+1) represents current time stamp obtained by a device when receiving the information sent from the previous stage, and ΔT represents a preset maximum delay time allowed in a communication process; when a time difference between T_(n) and T_(n+1) is greater than the threshold ΔT, an authentication is terminated, and whereas when the time difference is less than the threshold ΔT, going to a next step.
 6. The privacy protection authentication method as claimed in claim 4, wherein the S4.1specifically comprises: generating, by the sensor node SN of the healthcare monitoring device, a random number b_(j) and the current time stamp T₁, calculating two verification parameters S₁=b_(j)·P and S₂=b_(j)·Q through a function of an elliptic curve E_(p), calculating the identity verification parameter Vid_(j)=h(id_(j)∥x_(j)∥y_(j)∥S₁∥S₂∥h(S₂, MH_(j))∥T_(j)∥T₁), and adding {x_(j), y_(j), Vid_(j), S₁, T₁, T_(j)} into the information EMS₁, where x_(j) and y_(j) are acquired from the memory; wherein the S4.3 specifically comprises: when the time stamp T₁ and the identity id_(p) both are judged to be valid, calculating a_(j)=x_(j)⊕h(K_(HN), T_(j)), id_(j)*=x_(j)⊕h(K_(HN), a_(j), T_(j)) by the cloud server HN based on content of the information EMS₂, calculating S₂*=K_(HN)·S₁ through the function of the elliptic curve E_(p), and then obtaining the identity comparison verification parameter Vid_(j)*=h(id_(j)*∥x_(j)∥y_(j)∥S₁∥S₂*∥h(S₂*, h(id_(j)*, K_(HN)))∥T_(j)∥T₁) through computation; wherein the S4.4 specifically comprises: generating two random numbers a_(i) and b_(i) by the cloud server HN, calculating two verification parameters S₃=b_(i)·P and S₄=b_(i)·S₁ through the function of the elliptic curve E_(p), updating x_(j) ^(new)=a_(i)⊕h(K_(CHN)∥T₂) and y_(j) ^(new)=id_(j)*⊕h(K_(CHN)∥a_(i)∥T₂), calculating transfer values μ=x_(j) ^(new)⊕h(S₂*∥h(id_(j)*∥K_(CHN))∥T₂) and λ=y_(j) ^(new)⊕h(T₂∥S₂*∥h(id_(j)*∥K_(CHN))), calculating the session key K_(SH), calculating the identity verification parameter Δ=h(x_(j) ^(new)∥y_(j) ^(new)∥K_(SH)∥T₂), and adding {μ,λ, Δ, S₃, T₂, id_(p)} into the information EMS₃, where μ is configured to encrypt the x_(j) ^(new), and λ is configured to encrypt the y_(j) ^(new); wherein the S4.6 specifically comprises: when the time stamp T₂ is judged to be valid, calculating S₄*=b_(j)·S₃ through the function of the elliptic curve E_(p) by the sensor node SN of the healthcare monitoring device, calculating updated x_(j) ^(new)*=μ⊕h(S₃∥MH_(j)∥T₂) and updated y_(j) ^(new)*=λ⊕h(T₂∥S₂∥MH_(j)), calculating a session key K_(SH)* based on content of the information EMS₄, and calculating the identity comparison verification parameter Δ*=h(x_(j) ^(new)*∥y_(j) ^(new)*∥K_(SH)*∥T₂); wherein identity verification parameter comparison is comparing an identity verification parameter carried by information EMS sent from a previous stage with an identity comparison verification parameter obtained by each of the sensor node SN of the health monitoring device and the cloud server HN based on existing parameters, the identity verification parameter carried by information EMS sent from a previous stage is one of Vid_(j)=h(id_(j)∥x_(j)∥y_(j)∥S₁∥S₂∥h(S₂, MH_(j))∥T_(j)∥T₁) of the sensor node SN of the healthcare monitoring device and Δ=h(x_(j) ^(new)∥y_(j) ^(new)∥K_(SH)∥T₂) of the cloud server HN, the identity comparison verification parameter obtained by each of the sensor node SN of the health monitoring device and the cloud server HN based on existing parameters is one of Vid_(j)*=h(id_(j)*∥x_(j)∥y_(j)∥S₁∥S₂*∥h(S₂*, h(id_(j)*, K_(HN)))∥T_(j)∥T₁) of the cloud server HN and Δ*=h(x_(j) ^(new)*∥y_(j) ^(new)*∥K_(SH)*∥T₂) of the sensor node SN of the healthcare monitoring device.
 7. The privacy protection authentication device as claimed in claim 4, wherein the updating the registration information specifically comprises: after the device and the cloud server HN complete the mutual authentication and key verification, acquiring, by the healthcare monitoring device, parameters from the information EMS₄ sent by the cloud server HN, calculating x_(j) ^(new)*=μ⊕h(S₃∥MH_(j)∥T₂) and y_(j) ^(new)*=λ⊕h(T₂∥S₂∥MH_(j)), using x_(j) ^(new)* to replace x_(j) of the registration information in the memory, and using y_(j) ^(new)* to replace y_(j) of the registration information in the memory.
 8. The privacy protection authentication device as claimed in claim 1, wherein the updating the registration information specifically comprises: after the device and the cloud server HN complete mutual authentication and key verification, acquiring, by the device, parameters from information EMS₄ sent by the cloud server HN, calculating x_(j) ^(new)*=μ⊕h(S₃∥MH_(j)∥T₂) and y_(j) ^(new)*=Δ⊕h(T₂∥S₂∥MH_(j)), using x_(j) ^(new)* to replace x_(j) of the registration information in the memory, and using y_(j) ^(new)* to replace y_(j) of the registration information in the memory. 